This driver allows you to associate vServer guests with a ''virtual'' network device rather than the host's real network interface, which functions to hide packet counters from vServer guests. There is no other use for this step, so feel free to skip it if you are not worried about sharing packet counters. Packet counts ''may'' be useful to an attacker with control of a vServer guest who wishes to perform side-channel attacks during cryptanalysis, or network traffic analysis against your host or other vServer guests. If you did not understand the last sentence and your installation is not particularly security sensitive, then the chances that you will encounter a skilled attacker are slim to none and you should feel free to skip this section.

+

This driver allows you to associate vServer guests with a ''virtual'' network device rather than the host's real network interface, which functions to hide packet counters from vServer guests. '''There is no other use for this step''', so feel free to skip it if you are not worried about sharing packet counters. (Packet counts ''may'' be useful to an attacker with control of a vServer guest who wishes to perform side-channel attacks during cryptanalysis, or network traffic analysis against your host or other vServer guests. If you did not understand the last sentence and your installation is not particularly security sensitive, then the chances that you will encounter a skilled attacker and this will actually matter are slim to none and you should feel free to skip this section.)

====Process====

====Process====

−

First you need to load the dummy interface driver

+

First you need to load the dummy interface driver (requires CONFIG_DUMMY=m in your kernel configuration)

Introduction

You want to have several vservers running without worrying about port overlapping.

Example:

Two vservers run a default webserver, running on port 80. If each "guest" vserver shares an IP with the host, then the two webservers will conflict.

One solution is:

All vservers are contained in a "virtual lan", say 192.168.1.x

Each vserver has its own IP

Control port forwarding on "parent" host. That is, run a router.

Configuration

Host

Optional: Load 'dummy' device(s)

Why?

This driver allows you to associate vServer guests with a virtual network device rather than the host's real network interface, which functions to hide packet counters from vServer guests. There is no other use for this step, so feel free to skip it if you are not worried about sharing packet counters. (Packet counts may be useful to an attacker with control of a vServer guest who wishes to perform side-channel attacks during cryptanalysis, or network traffic analysis against your host or other vServer guests. If you did not understand the last sentence and your installation is not particularly security sensitive, then the chances that you will encounter a skilled attacker and this will actually matter are slim to none and you should feel free to skip this section.)

Process

First you need to load the dummy interface driver (requires CONFIG_DUMMY=m in your kernel configuration)

# modprobe dummy

To have it automatically loaded on startup, add
"loopback" to /etc/modules

For each service that runs on a vserver, map it to an external port. Vserver local address $VHOST and port $INTPORT you select one external port $EXTPORT and run the following (put it in one line without backslash):